CVE-2024-46689 soc: qcom: cmd-db: Map shared memory as WC, not WB

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: cmd-db: Map shared memory as WC, not WB Linux does not write into cmd-db region. This region of memory is write protected by XPU. XPU may sometime falsely detect clean cache eviction as "write" into the write protected...

Auto/Taxi Stand Management System 1.0 PHP Code Injection

============================================================================================================================================= | Title : Auto/Taxi Stand Management System 1.0 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozill...

Emergency Ambulance Hiring Portal 1.0 PHP Code Injection

============================================================================================================================================= | Title : Emergency Ambulance Hiring Portal 1.0 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozill...

BP Monitoring Management System 1.0 PHP Code Injection

============================================================================================================================================= | Title : BP Monitoring Management System 1.0 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...

The vulnerability of the `std::process::Command` function in the `File Extension` component of the Rust programming language operating system for Windows, allowing a malicious actor to execute arbitrary code.

The vulnerability of the std::process::Command function in the File Extension component of the Rust programming language operating system for Windows is related to the implementation or modification of arguments. Exploiting this vulnerability could allow an attacker to execute arbitrary code by...

CMSsite 1.0 Shell Upload

============================================================================================================================================= | Title : CMSsite 1.0 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 129.0.1 64 bits ...

SUSE CVE-2022-48885

In the Linux kernel, the following vulnerability has been resolved: ice: Fix potential memory leak in icegnssttywrite The icegnssttywrite return directly if the writebuf alloc failed, leaking the cmdbuf. Fix by free cmdbuf if writebuf alloc failed...

GO-2022-0580 Improper Preservation of Permissions in github.com/cloudflare/cfrpki/cmd/octorpki in github.com/cloudflare/cfrpki

Improper Preservation of Permissions in github.com/cloudflare/cfrpki/cmd/octorpki in github.com/cloudflare/cfrpki...

Alphaware E-Commerce System 1.0 Code Injection

============================================================================================================================================= | Title : Alphaware E-CommerceSystem 1.0 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firef...

CVE-2024-7578

A vulnerability was found in Alien Technology ALR-F800 up to 19.10.24.00. It has been classified as critical. Affected is an unknown function of the file /var/www/cmd.php. The manipulation of the argument cmd leads to improper authorization. It is possible to launch the attack remotely. The explo...

The vulnerability of the msp_info_htm() function in the msp_info.htm file of the D-Link DI-8100 router’s microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability of the mspinfohtm function in the mspinfo.htm file of the D-Link DI-8100 router’s microprogramming system is related to the lack of data cleaning at the control level when processing the cmd parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

Alien ALR-F800 授权问题漏洞

The Alien ALR-F800 is an RFID sensor from Alien. An authorization issue vulnerability exists in Alien ALR-F800 version 19.10.24.00 and prior versions, which stems from the cmd parameter in the /var/www/cmd.php file containing an improper authorization vulnerability...

VulnCheck KEV: CVE-2024-29895

Cacti provides an operational monitoring and fault management framework. A command injection vulnerability on the 1.3.x DEV branch allows any unauthenticated user to execute arbitrary command on the server when registerargcargv option of PHP is On. In cmdrealtime.php line 119, the...

openSUSE Security Advisory (openSUSE-SU-2024:0211-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-48848

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Do not unregister events twice Nicolas reported that using: trace-cmd record -e all -M 10 -p osnoise --poll Resulted in the following kernel warning: ------------ cut here ------------ WARNING: CPU: 0 PID: 1217 a...

CVE-2022-48848

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Do not unregister events twice Nicolas reported that using: trace-cmd record -e all -M 10 -p osnoise --poll Resulted in the following kernel warning: ------------ cut here ------------ WARNING: CPU: 0 PID: 1217 a...

CVE-2022-48848

CVE-2022-48848 affects the Linux kernel tracing/osnoise workflow. Concrete detail: the issue is caused by unregistering tracepoints twice when stopping tracing (osnoise_workload_stop) and switching tracer to nop, leading to a kernel warning about unregistering an unregistered tracepoint. The conn...

CVE-2022-48848 tracing/osnoise: Do not unregister events twice

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Do not unregister events twice Nicolas reported that using: trace-cmd record -e all -M 10 -p osnoise --poll Resulted in the following kernel warning: ------------ cut here ------------ WARNING: CPU: 0 PID: 1217 a...

CVE-2022-48848 tracing/osnoise: Do not unregister events twice

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Do not unregister events twice Nicolas reported that using: trace-cmd record -e all -M 10 -p osnoise --poll Resulted in the following kernel warning: ------------ cut here ------------ WARNING: CPU: 0 PID: 1217 a...

CVE-2022-48848 tracing/osnoise: Do not unregister events twice

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Do not unregister events twice Nicolas reported that using: trace-cmd record -e all -M 10 -p osnoise --poll Resulted in the following kernel warning: ------------ cut here ------------ WARNING: CPU: 0 PID: 1217 a...